CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-4163

Malware in sbrugna...

3.5CVSS6.4AI score0.00179EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-4164

Malware in sbrugna...

6.8CVSS6.4AI score0.00104EPSS

Exploits1References4

NVD•added 2015/06/18 6:59 p.m.•9 views

CVE-2015-4140

Cross-site request forgery CSRF vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site scripting XSS attacks via the s4w-more parameter to the smilies4wp.php page to wp-admin/options-general.ph...

6.8CVSS6.5AI score0.00104EPSS

Exploits1References3

Prion•added 2015/06/18 6:59 p.m.•6 views

Cross site scripting

Cross-site scripting XSS vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parameter to wp-admin/options-general.php...

3.5CVSS5.8AI score0.00179EPSS

Exploits1References3Affected Software1

Prion•added 2015/06/18 6:59 p.m.•9 views

Cross site request forgery (csrf)

6.8CVSS6.8AI score0.00104EPSS

Exploits1References3Affected Software1

CVE•added 2015/06/18 6:0 p.m.•34 views

CVE-2015-4140

CVE-2015-4140 : In the WP Smiley plugin for WordPress (version 1.4.1), a CSRF vulnerability allows remote attackers to hijack the authentication of editors and carry out cross-site scripting (XSS) via the s4w-more parameter to smilies4wp.php, targeting wp-admin/options-general.php. The issue stem...

6.8CVSS6.7AI score0.00104EPSS

Exploits1References3Affected Software1

Cvelist•added 2015/06/18 6:0 p.m.•13 views

CVE-2015-4140

6.5AI score0.00104EPSS

Exploits1References3

Cvelist•added 2015/06/18 6:0 p.m.•15 views

CVE-2015-4139

5.4AI score0.00179EPSS

Exploits1References3

CVE•added 2015/06/18 6:0 p.m.•32 views

CVE-2015-4139

CVE-2015-4139 affects the WordPress plugin WP Smiley (plugin version 1.4.1). The vulnerability is a cross-site scripting (XSS) flaw in the file smilies4wp.php that allows an authenticated remote user to inject arbitrary script/HTML via the s4w-more parameter to wp-admin/options-general.php. The p...

3.5CVSS5.5AI score0.00179EPSS

Exploits1References3Affected Software1

Patchstack•added 2015/05/31 12:0 a.m.•12 views

WordPress WP Smiley Plugin <= 1.4.1 - CSRF

This vulnerability allows an attacker to hijack the authentication of editors for requests that conduct cross-site scripting XSS attacks via the "s4w-more" parameter to the smilies4wp.php page to wp-admin/options-general.php. Solution Update the plugin...

6.8CVSS4.6AI score0.00104EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2015/05/29 12:0 a.m.•24 views

WP Smiley <= 1.4.1 - CSRF & Cross-Site Scripting (XSS)

Cross-Site scripting XSS in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parameter to wp-admin/options-general.php...

6.8CVSS3.4AI score0.00179EPSS

Exploits2References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by